Posted
by
CowboyNeal
on Friday April 07, 2006 @08:02AM
from the stop-that dept.

An anonymous reader writes "The FTC said it has closed down a spam operation in California that sent millions of unwanted messages to online users across the country and fined the companies involved about $2.4 million. The settlement doesn't shut down the businesses and, based on the financial records of the defendants, the judgment will be suspended upon payment of $475,000."

The FTC and California charged that the defendants e-mail:
-- contained false or forged header information;
-- included deceptive subject headings;
-- failed to identify e-mail as advertisements or solicitations;
-- failed to notify consumers they had a right to opt out of receiving more e-mail;
-- failed to provide an opt-out mechanism;
-- failed to include a valid physical postal address.

If this can't get them shut down what can? Sending out spam email that totally destroys your computer into tiny little pieces?

There's an even bigger problem with this: namely, that as soon as business *complies* with these things, it'll be perfectly legal for them to spam you. Oh, sure, you can opt-out, but that's a lot of hassles when you receive spam from thousands of companies; and what's more, how are you going to distinguish spam from compliant companies (where the opt-out links works as advertised) and other sorts of spam that provide you with "opt-out" links that, in reality, are merely used to verify email addresses etc.?

Licensing spam is like allowing people to break into your house and steal your stuff provided they leave you a business card and offer you an opportunity to opt out for the future.

I think compliant spam must have some sort of tag in the header?Not sure since noone seems ot be complying.

But if it would actually work, email providers could offer a simple checkbox "no spam unless whitelisted" and block ALL of these whithout the user even knowing how to set up filters.Good providers would probably include this checkbox (pre-checked) with the signup process.

Good providers would probably include this checkbox (pre-checked) with the signup process.

Years ago, I signed up with a provider with such a no-spam checkbox. Even though I saw no way how they could possibly enforce this (especially at that time...), I checked it, thinking "what possible harm"...

A week later, when I wanted to set up my web site at the provider, I found out: actually what the checkbox did was not publish me in the provider's address book. Problem: the web server machine also relied on tha

Suspect email blocking--[snip]Filter all emails from senders who are not in your personal address book. You can read messages in your Suspect Email folder at any time, or EarthLink can send you a report summary of suspect messages. For maximum protection, we recommend you turn on Suspect email blocking.

as soon as business *complies* with these things, it'll be perfectly legal for them to spam you.

But:1. is it feasable to send spam from a legitimate address? Having been on the receiving end of a joe-job I know first hand how big the hate-mail and bounce flood is. (Does the US (you-)can-spam law require this address to be monitored?)2. you should be able to filter complient spam on the headers - spamming is no good if everyone is dropping it in the bin at the MTA.

There's an even bigger problem with this: namely, that as soon as business *complies* with these things, it'll be perfectly legal for them to spam you.

Let's cross that bridge when we come to it, shall we? If we can get to the point where all spam follows these rules, it will be a lot easier to do something about it. In the mean time, these rules make it easier to prosecute violators, which is very helpful right now.

I'd fine them $1 for every violaton of the act. Doesn't sound like much does it? Iet's see. Joe Spammer sends connects to his ISP's SMTP server and uploads 1,000,000 spams at once. One violation. No, each spam email is a seperate violation, meaning that he's just violated the act 1,000,000 times all at once. Considering the number of times he's done it, he'll never get out from under because you're not allowed to clear fines or civil judgements with bankrupcy. He'll be living in a one-room apartment

We should force them to send an indivitual hand-written apology to everyone they ever caused pain plus pay the fines.
3805 years of punishment if each letter takes 20 seconds to write and they have spammed 100 million people =)
hmm.. maybe force them to lick all the stamps and envelopes too?:)
That should teach atleast the spammers never to do it again...

Worse yet. From the FTC report [ftc.gov]. The spammers made $2.4M but the fine is only $475,000. So they not only are still in business, but still profitable. The government just wanted to make sure that if people are being harassed, that they are in on it.

As part of the settlement negotiation, their attorney said that they are considering filing bankruptcy. My response was, I couldn't be happier than have them bankrupt and living out of cardboard boxes, and if my suit does not do it, then I will help others do it.

Just like parking tickets will be used to build better parking facilities, speed ticket are being used to improve traffic safety, or environmental taxes are being used to improve the environment.... Nah!;-)

The FTC doesn't have to jail spammers or shut down their 'business' to make them stop. The only reason to send spam is to profit from the retards that buy the stuff they are selling. If you levy steep enough fines, spamming becomes uneconomical. Sure, there will still be script kiddies out there sending spam from zombies just to be pricks, but its way easier to filter out a bunch of 'I pwnd j00' emails than it is to filter out unsolicited quasi-realistic product advertisements and sophisticated phishing att

To be really fair, sentence them to the time a recipient will have to spend to deal with one spam message. Say 1 second to read the subject and hit delete. 600 million spams sent (an amount easily achieved by most spammers) would equate to about 20 years of jail time. I would suggest the minute-per-spam rule to st. Peter as a guideline of the time to be spent in purgatory.

I think it's a good idea to make the attractive side of bulk spamming (the more you s

Consumers forwarded more than 1.8 million of the defendants' e-mail messages to the FTC.

Ever since I heard about the FTC's spam address I forwarded all my spam to it, (what made through the school's filters at least,) even after hearing detracting opinions about it. Good to know my contribution to the effort may not have been entirely in vain.

Spam is hugely profitable, because your overhead is nil. That means the spammers involved have lots of cash. And their company probably has no assets, and will fold into bankruptcy because of these fines. So what does this mean? The guys dig into their pockets filled with cash, and start another company and do it all over again. Its sort of a nice noble gesture, from when Congress clearly had nothing better to do, but its about as effective as making speeding illegal.

That means the spammers involved have lots of cash. And their company probably has no assets, and will fold into bankruptcy because of these fines. So what does this mean? The guys dig into their pockets filled with cash, and start another company and do it all over again.

How exactly does that work? I'm sure the IRS would be interested in talking to them about their financial practices. How is that even legal if the company is incorporated? I was under the impression you couldn't just move money back a

I was under the impression you couldn't just move money back and forth between the business to shelter it from taxes or bankruptcy.

You can extract money from your business to your private account (it's called "profit", d'oh). Of course, obviously there are limits to this if you are under bankruptcy proceedings. But if the spammers are any smart, they take their profits before they get in debt...

As for taxes, most places charge higher taxes to private individuals (especially if they earn much) than to bus

*shrug* I'm not sure how true that is. I used to work for a pretty big, just-barely-legal, bulk email farm. The overhead can actually be pretty high, since you have to keep several networks ready in case too many spam complaints get your upstream to shut you down (and keep in mind, these were mailings that the people did actually request and confirm to receive and had our physical address and phone number in every footer -- I can't imagine how many more complaints the really illegal shit must get). Unless you can talk your provider into making you the abuse contact for your block (at which point the stakes get really high, because you can go to jail if you start screwing around then), you have to move about once every six months.

We basically had two kinds of clients: people who essentially wanted a cheaper Lyris for their mailing list (things like music groups sending out their tour announcements, churches sending out their activities announcements, demagogic political blowhards sending out their vitriolic screeds, etc.), and people who were hawking products (everything from frozen crabcakes to cool little mouse-cord-holder-stands -- I still have one of those -- to "Get Free Money From the Government" books). The first kind of customer was pretty steady and almost never gave us spam complaints (we ended up giving them their own network). The second kind of customer not only generated a lot of spam complaints (and contractually had to pay us $100 for each one), but usually went broke after a few months. They got good receive and open rates, and even OK click-through, but people just didn't buy the shit.

I left the "industry" a while ago in a fit of conscience, but what I learned might be a bit sobering for those who suggest we attack the companies advertising via spam. If my experience is normal, that won't matter because they all go out of business anyways. There's money in bulk email for the companies sending out the email, and for their carriers (who get to charge more for pink contracts), but rarely if ever for the people selling stuff. It's just there's always some new jackass ready to take his place once a seller fails.

That is only one reason. A much simpler and much bigger reason that spam is hugely profitable, because people buy from spammers. This seems to go way over the heads of the vengeful people looking for blood. Like the old cliche says, it's the same as blaming the spoon for making Rosy O'donald fat".

I want them to be sentenced to write (by hand) an apology to every person they've wronged...

and to memorize and pronounce the words made of random letters they include to try to evade spam filters

and to change their names to the one in the "from" field. That is, legally change their names to names such as... let me check my mailbox for a second... "Recipe 4Living", "Approval Dept", "Content Paradise", "Your Mngr. mosettamay", "Sr. Loan Specialist" and "Always Savings".

I'll second that, the first two you list I've had to block for my company. I found a really good way to filter most of this crap, is by the sender. How many people have recipe in their name? Some legitimate companies might, but that's why this crap gets quarantined and not deleted. Another good one to block by is by the html tag to hide text, can't remember what it is. I never could understand all the gibberish in some of these emails, I view them as plain text, then one day I was looking at one in html and

I want them to be sentenced to write (by hand) an apology to every person they've wronged...

I can see it now...

Hello. This is Mr. Spammer, a.k.a. Happy Dude. The court has ordered me to call everyone in town and say that I'm sorry for my telemarketing scams. (pause) I'm sorry. If you can find it in your heart to forgive me, please send one dollar to "Sorry Dude," 742 Evergreen Terrace, Springfield. You have the power.

Punishing a massive spam operation by fining them $475,000 is like punishing a murderous street gang by making them surrender a leather jacket. If anything, this is going to encourage more spam, since spammers will see how utterly light and inconsequential the punishments truly are.

After reading the article, it seems like this amount is all the money (cash and "real property") the spammers had. Sure, they could start again, but with what capital? This way they can at least go out and start working real jobs, and not use taxpayers' money by getting a free lunch every day in Federal prison.

These "entities" that get busted are only fined some arbitrary number, and since they rake in a lot more from their profitable spamming business, then there's no incentive to stop. Right? Why don't they do an investigation and find out how much profit was earned from their spamming ventures, and make that their fine? Better yet, they could just find out how much assets they have, and take all. Wouldn't that stop it?

They could make it completely illegal with penalties up to and including taking every

What scares me is that there are actually people falling for spam nowadays. All the spam I get is full of spelling errors, numbers instead of letters and obviously false promises. Yet there are clearly millions of idiots who check there email and say "Wow! I have been paying too much for Viagra! Brilliant!"

I understand that a lot of people aren't particularly computer-savvy, but if someone came up to you on the street and tried to sell you a dozen spy cameras you wouldn't think twice before saying no.

Like nearly everyone else, my immediate reaction was that spammers make millions and $475,000 is a slap on the wrist that will only encourage other spammers.

But then I got to this, near the end of the article:

Based on financial records provided by the defendants, the judgment will be suspended upon payment of $385,000 in cash and approximately $90,000 from the sale of real property. Should the court find that the defendants misrepresented their financial situations, the entire $2.4 million will be due.

It's easy to see what happened here. The spammers pleaded with the court, "But we don't have two million dollars!" The court was wary and said, "Fine, we'll just charge you the full worth of your company" (which wipes them out, effectively "shutting them down") but it appears the judge added a provision that if the spammers are lying to weasel out of the fine, they will be held accountable.

I have a feeling the spammers will flee the country when it becomes clear they were lying. But at least they will have been forced to give up their nice American lives and their nice American bandwidth. That just might make other spammers question whether the price is worth the profit.

The spammers pleaded with the court, "But we don't have two million dollars!" The court was wary and said, "Fine, we'll just charge you the full worth of your company" (which wipes them out, effectively "shutting them down") but it appears the judge added a provision that if the spammers are lying to weasel out of the fine, they will be held accountable.

We call that perjury in this country. I believe it is accompanied by lengthy jail sentences. I don't see the need for this at all, except perhaps making the

Basically, if you're caught spamming the Feds come in and make you account for all of your income over the last year. Any money derived from spamming is forfeited, plus penalties. I'd also like to see the penalties weighted so that if the spammer gives up the identity of who paid him or her to spam, the penalty is reduced if that person is successfully prosecuted as well. This way the number of spammers and the companies which contract them get slapped.

Any legitimate business should be able to account for all its income. If a spammer can't prove his income is clean, it is no different than a drug trafficker having piles of cash around which just magically appeared. Anything which can't be documented as coming from a non-spam source should be considered profits of a criminal enterprise, and should get seized.

If you read through other FTC settlements, this is entirely typical. In return for the "target" company not fighting the FTC action, they give up all their money and promise to go forth and sin no more. It usually allows them to engage in their business, whatever that is, but they must not violate the rules again. This settelment was not unique to spammers. It is the same deal that is usually offered to "guaranteed credit card" rip-offs, rule-violating telemarketers, etc.

Typical language: "Defendants are enjoined from engaging in business practices violating the XYZ act in the future."

Of course, there are those that accept the settlement, and then go right back and do the same damn thing again. When that happens, usually the FTC goes directly to court and obtains an injunction against the whole company, and the offender is completely barred from whatever business they were in. Example: "Defendents are permanently barred from owning, operating, or being employed in any operation that involves the sending of e-mail for marketing purposes."

If they violate this, or try to hide, or the conduct is particularly nasty, they get referred to the justice dept. for prosecution.

Everyone's favorite late-night infomercial moron, Kevin Trudeau (speed reading, memory improvement, etc.) got slapped twice by the FTC, so he wised up and instead deceided to promote a completely bogus book instead. Since it a book containing opinions instead of a worthless physical product, the FTC can't stop him, despite him being as full of B.S. as ever.

fined the companies involved about $2.4 million. The settlement doesn't shut down the businesses and, based on the financial records of the defendants, the judgment will be suspended upon payment of $475,000

Maybe it's just me, but I have trouble understanding how this fine works. Do I understand correctly that the company was fined $FINE, yet the fine will be suspended upon payment of $FINE/5 and everybody can go on as they please? If you can get away with paying $100, why fine $500 in the first place?

Fines won't eliminate SPAM. When one spammer folds, another starts up. It costs almost nothing to start a SPAM operation and they make tons of money. These people are parasites. They should be charging them with mail fraud and racketeering, freezing all their assets and sending them to jail.

Here's a question for you. How much SPAM would be eliminated if people's home computer could not be compromised by trojan SPAM agents that spammers use to send out their e-mails?

wprowe: It seems like Microsoft could nearly single handedly kill SPAM just by fixing Windows. Am I dreaming or am I on the right track?Dreaming ? yes. Right track ? Yes.

Anyone who survived the onslaught of Nimda and CodeRed will agree. These two ground the 'net to almost a complete halt *precisely* because of the volume of default, "everything on" Win2K installs that were out there. Precisely why an enduser workstation used as a wordprocesser needs to have all IIS services running has no justifiable answer